Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2019/02/27 5:16 p.m.•151 views

USN-3898-1: NSS vulnerability

Hanno Böck and Damian Poddebniak discovered that NSS incorrectly handled certain CMS functions. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service...

6.5CVSS6.8AI score0.01956EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/26 6:59 p.m.•94 views

USN-3897-1: Thunderbird vulnerabilities

A use-after-free was discovered in libical. If a user were tricked in to opening a specially crafted ICS calendar file, an attacker could potentially exploit this to cause a denial of service. CVE-2016-5824 Multiple security issues were discovered in Thunderbird. If a user were tricked in to...

10CVSS8.1AI score0.12658EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/26 6:20 p.m.•91 views

USN-3896-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same origin protections, or execute arbitrary code...

8.8CVSS7.7AI score0.0313EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/26 2:26 p.m.•115 views

USN-3895-1: LDB vulnerability

It was discovered that LDB incorrectly handled certain search expressions. A remote attacker could possibly use this issue to cause the Samba LDAP process to crash, resulting in a denial of service...

6.5CVSS6.9AI score0.02821EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/26 2:20 p.m.•71 views

USN-3894-1: GNOME Keyring vulnerability

It was discovered that GNOME Keyring incorrectly cleared out credentials supplied to the PAM module. A local attacker could possibly use this issue to discover login credentials...

7.8CVSS7.4AI score0.01483EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/26 2:14 p.m.•87 views

USN-3866-3: Ghostscript regression

USN-3866-2 fixed a regression in Ghostscript. The Ghostscript update introduced a new regression that resulted in certain pages being printed with a blue background. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/02/25 1:32 p.m.•70 views

USN-3893-2: Bind vulnerabilities

USN-3893-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Bind incorrectly handled certain trust anchors when used with the "managed-keys" feature. A remote attacker could possibly use this issue...

5.3CVSS6.5AI score0.037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/22 8:8 a.m.•184 views

USN-3893-1: Bind vulnerabilities

Toshifumi Sakaguchi discovered that Bind incorrectly handled memory. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. CVE-2018-5744 It was discovered that Bind incorrectl...

7.5CVSS6.6AI score0.037EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/21 2:34 p.m.•103 views

USN-3866-2: Ghostscript regression

USN-3866-1 fixed vulnerabilities in Ghostscript. The new Ghostscript version introduced a regression when printing certain page sizes. This update fixes the problem. Original advisory details: Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or...

5.9AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/02/20 10:42 a.m.•159 views

USN-3892-1: GDM vulnerability

Burghard Britzke discovered that GDM incorrectly handled certain configurations. An attacker could possibly use this issue to get unauthorized access to a different user...

6.9CVSS6.8AI score0.00504EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/18 3:43 p.m.•92 views

USN-3850-2: NSS vulnerabilities

USN-3850-1 fixed several vulnerabilities in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Keegan Ryan discovered that NSS incorrectly handled ECDSA key generation. A local attacker could possibly use this issue to perform a cache-timing attack...

5.9CVSS6.3AI score0.44398EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/18 3:19 p.m.•413 views

USN-3891-1: systemd vulnerability

It was discovered that systemd incorrectly handled certain D-Bus messages. A local unprivileged attacker could exploit this in order to crash the init process, resulting in a system denial-of-service kernel panic...

5.5CVSS6.4AI score0.02035EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/13 2:10 p.m.•130 views

USN-3890-1: Django vulnerability

It was discovered that Django incorrectly handled formatting certain numbers. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

7.5CVSS6.5AI score0.05399EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/13 2:4 p.m.•129 views

USN-3889-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

8.8CVSS7.9AI score0.09755EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/02/12 4:42 p.m.•70 views

USN-3888-1: GVfs vulnerability

It was discovered that GVfs incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information...

7CVSS7AI score0.00368EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/12 4:10 p.m.•454 views

USN-3887-1: snapd vulnerability

Chris Moberly discovered that snapd versions 2.28 through 2.37 incorrectly validated and parsed the remote socket address when performing access controls on its UNIX socket. A local attacker could use this to access privileged socket APIs and obtain administrator privileges. On Ubuntu systems wit...

10CVSS8.2AI score0.61075EPSS
Exploits10References1
Ubuntu
Ubuntu
•added 2019/02/11 11:44 a.m.•183 views

USN-3886-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20551, CVE-2019-7310...

7.8CVSS6.7AI score0.02196EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/02/08 8:3 p.m.•144 views

USN-3878-3: Linux kernel regression

USN-3878-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that could prevent systems with certain graphics chipsets from booting. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that a...

6.2AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2019/02/07 10:4 p.m.•111 views

USN-3878-2: Linux kernel (Azure) vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

8.8CVSS6.2AI score0.00477EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/07 9:56 p.m.•94 views

USN-3871-5: Linux kernel (Azure) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/02/07 6:50 p.m.•399 views

USN-3885-1: OpenSSH vulnerabilities

Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output...

6.8CVSS7AI score0.58204EPSS
Exploits9
Ubuntu
Ubuntu
•added 2019/02/07 11:45 a.m.•101 views

USN-3884-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain 7zip files. An attacker could possibly use this issue to cause a denial of service. CVE-2019-1000019, CVE-2019-1000020...

6.5CVSS6.3AI score0.03407EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/06 2:21 p.m.•158 views

USN-3883-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly handled certain document files. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. CVE-2018-10119, CVE-2018-10120, CVE-2018-11790 It was discovere...

9.8CVSS7.3AI score0.78683EPSS
Exploits16
Ubuntu
Ubuntu
•added 2019/02/06 2:7 p.m.•244 views

USN-3882-1: curl vulnerabilities

Wenxiang Qian discovered that curl incorrectly handled certain NTLM authentication messages. A remote attacker could possibly use this issue to cause curl to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. CVE-2018-16890...

9.8CVSS6.6AI score0.12771EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/02/05 3:30 p.m.•115 views

USN-3881-2: Dovecot vulnerability

USN-3881-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field...

7.7CVSS6.8AI score0.02462EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/05 1:42 p.m.•65 views

USN-3881-1: Dovecot vulnerability

It was discovered that Dovecot incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users...

7.7CVSS6.7AI score0.02462EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/02/04 11:25 p.m.•127 views

USN-3880-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3880-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the CIFS client implementation in the Linux kernel did not...

7.8CVSS7.1AI score0.03501EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/02/04 11:5 p.m.•150 views

USN-3880-1: Linux kernel vulnerabilities

It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service client system crash...

7.8CVSS7.1AI score0.03501EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/02/04 11:0 p.m.•143 views

USN-3871-3: Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/02/04 10:47 p.m.•193 views

USN-3879-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel could...

7.8CVSS6.5AI score0.00586EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/04 10:21 p.m.•186 views

USN-3879-1: Linux kernel vulnerabilities

Wen Xu discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system cras...

7.8CVSS6.4AI score0.00586EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/02/04 9:54 p.m.•94 views

USN-3871-4: Linux kernel (HWE) vulnerabilities

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/02/04 7:44 p.m.•89 views

USN-3878-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

8.8CVSS6.2AI score0.00477EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/31 7:20 p.m.•178 views

USN-3871-2: Linux kernel regression

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the metabg option enabled. This update fixes the problems. We apologize for the inconvenience. Original...

6.8AI score
Exploits0References2
Ubuntu
Ubuntu
•added 2019/01/31 7:9 p.m.•79 views

USN-3877-1: LibVNCServer vulnerabilities

It was discovered that LibVNCServer incorrectly handled certain operations. A remote attacker able to connect to applications using LibVNCServer could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code...

9.8CVSS7.4AI score0.26543EPSS
Exploits3
Ubuntu
Ubuntu
•added 2019/01/31 1:0 p.m.•146 views

USN-3876-2: Avahi vulnerabilities

USN-3876-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. CVE-2017-6519,...

9.1CVSS7.4AI score0.03082EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/31 11:38 a.m.•207 views

USN-3876-1: Avahi vulnerabilities

Chad Seaman discovered that Avahi incorrectly handled certain messages. An attacker could possibly use this issue to cause a denial of service. CVE-2017-6519, CVE-2018-1000845...

9.1CVSS7.3AI score0.03082EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/30 11:24 p.m.•76 views

USN-3875-1: OpenJDK vulnerability

It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions. CVE-2019-2422...

3.1CVSS6.8AI score0.03374EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/30 10:43 p.m.•103 views

USN-3874-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, gain additional privileges by escaping the sandbox, or execute arbitrary code. CVE-2018-18500,...

10CVSS8AI score0.12658EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/30 12:33 p.m.•108 views

USN-3873-1: Open vSwitch vulnerabilities

It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2018-17204 It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote...

7.5CVSS6.3AI score0.02531EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/29 2:54 a.m.•132 views

USN-3872-1: Linux kernel (HWE) vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...

8.8CVSS6.2AI score0.00477EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/29 2:49 a.m.•142 views

USN-3871-1: Linux kernel vulnerabilities

Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service system crash or possibly execute arbitrary code...

8.8CVSS6.9AI score0.02914EPSS
Exploits7
Ubuntu
Ubuntu
•added 2019/01/28 7:7 p.m.•100 views

USN-3870-1: Spice vulnerability

Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.4AI score0.01208EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/24 9:16 p.m.•71 views

USN-3868-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code...

9.8CVSS8.1AI score0.09646EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/24 2:14 p.m.•60 views

USN-3869-1: Subversion vulnerability

Ivan Zhakov discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS6.7AI score0.57822EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/23 4:6 p.m.•111 views

USN-3867-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.25. In addition to security fixes, the updated packages contain bug fixes, new features,...

7.1CVSS6.5AI score0.0461EPSS
Exploits0
Ubuntu
Ubuntu
•added 2019/01/23 3:54 p.m.•60 views

USN-3866-1: Ghostscript vulnerability

Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of...

7.8CVSS7.8AI score0.43901EPSS
Exploits2
Ubuntu
Ubuntu
•added 2019/01/23 1:39 p.m.•99 views

USN-3707-2: NTP vulnerabilities

USN-3707-1 and USN-3349-1 fixed several vulnerabilities in NTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could...

9.8CVSS7AI score0.12466EPSS
Exploits4
Ubuntu
Ubuntu
•added 2019/01/22 1:58 p.m.•135 views

USN-3865-1: poppler vulnerabilities

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20481, CVE-2018-20650...

6.5CVSS6.7AI score0.03422EPSS
Exploits1
Ubuntu
Ubuntu
•added 2019/01/22 1:30 p.m.•127 views

USN-3864-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.4AI score0.1496EPSS
Exploits7
Total number of security vulnerabilities10923